ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzab6_5.4.0.1/x1sslclient.htm

216 lines
7.9 KiB
HTML
Raw Permalink Normal View History

2024-04-02 14:02:31 +00:00
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="reference" />
<meta name="DC.Title" content="Example: Establish a secure client with SSL_ APIs" />
<meta name="abstract" content="This example enables a client application using the SSL_ APIs to communicate with a server application that uses the SSL_APIs." />
<meta name="description" content="This example enables a client application using the SSL_ APIs to communicate with a server application that uses the SSL_APIs." />
<meta name="DC.Relation" scheme="URI" content="x1ssl.htm" />
<meta name="DC.Relation" scheme="URI" content="cssl2.htm" />
<meta name="DC.Relation" scheme="URI" content="x1sslserver.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2001, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2001, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="x1sslclient" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Example: Establish a secure client with SSL_ APIs</title>
</head>
<body id="x1sslclient"><a name="x1sslclient"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Example: Establish a secure client with SSL_ APIs</h1>
<div><p><span>This example enables a client
application using the SSL_ APIs to communicate with a server application that
uses the SSL_APIs.</span></p>
<div class="section"></div>
<div class="section"><div class="note"><span class="notetitle">Note:</span> By using the code examples, you agree to the terms of the <a href="codedisclaimer.htm">Code license and disclaimer information</a>.</div>
<pre>/* SSL Client Program using SSL_Init_Application */
/* Assummes that application id is already registered */
/* and a certificate has been associated with the */
/* application id. */
/* No parameters, some comments and many hardcoded */
/* values to keep it short and simple */
/* use following command to create bound program: */
/* CRTBNDC PGM(MYLIB/SSLCLIAPP) */
/* SRCFILE(MYLIB/CSRC) */
/* SRCMBR(SSLCLIAPP */
#include &lt;stdio.h&gt;
#include &lt;stdlib.h&gt;
#include &lt;sys/types.h&gt;
#include &lt;ctype.h&gt;
#include &lt;sys/socket.h&gt;
#include &lt;qsossl.h&gt;
#include &lt;netinet/in.h&gt;
#include &lt;arpa/inet.h&gt;
#include &lt;netdb.h&gt;
#include &lt;errno.h&gt;
/* Making this simple - no parameters */
void main(void)
{
SSLHandle *sslh;
SSLInitApp sslinit;
struct sockaddr_in address;
int buf_len, rc = 0, sd;
char buff1[1024];
char buff2[1024];
/* only want to use 1 cipher suite */
unsigned short int cipher = SSL_RSA_WITH_RC4_128_SHA;
/* hardcoded IP address */
char addr[12] = "16.35.146.84";
void * malloc_ptr = (void *) NULL;
unsigned int malloc_size = 8192;
/* memset sslinit structure to hex zeros */
memset((char *)&amp;sslinit, 0, sizeof(sslinit));
/* fill in values for sslinitapp structure */
/* using an existing app id */
sslinit.applicationID = "MY_CLIENT_APP";
sslinit.applicationIDLen = 13;
sslinit.localCertificate = NULL;
sslinit.localCertificateLen = 0;
sslinit.cipherSuiteList = NULL;
sslinit.cipherSuiteListLen = 0;
/* allocate and set pointers for certificate buffer */
malloc_ptr = (void*) malloc(malloc_size);
sslinit.localCertificate = (unsigned char*) malloc_ptr;
sslinit.localCertificateLen = malloc_size;
/* initialize ssl call SSL_Init_Application */
rc = SSL_Init_Application(&amp;sslinit);
if (rc != 0)
{
printf("SSL_Init_Application() failed with rc = %d and errno = %d.\n",
rc,errno);
return;
}
/* initialize a socket */
sd = socket(AF_INET, SOCK_STREAM, 0);
if (sd &lt; 0)
{
perror("socket() failed");
return;
}
/* enable SSL support for the socket */
sslh = SSL_Create(sd, SSL_ENCRYPT);
if (sslh == NULL)
{
printf("SSL_Create() failed with errno = %d.\n", errno);
close(sd);
return;
}
/* connect to the server using a set port number */
memset((char *) &amp;address, 0, sizeof(address));
address.sin_family = AF_INET;
address.sin_port = 13333;
address.sin_addr.s_addr = inet_addr(addr);
rc = connect(sd, (struct sockaddr *) &amp;address, sizeof(address));
if (rc &lt; 0)
{
perror("connect() failed");
close(sd);
return;
}
/* set up to call handshake, setting cipher */
sslh -&gt; protocol = 0;
sslh -&gt; timeout = 0;
sslh -&gt; cipherSuiteList = &amp;cipher;
sslh -&gt; cipherSuiteListLen = 1;
/* initiate the SSL handshake - as a CLIENT */
rc = SSL_Handshake(sslh, SSL_HANDSHAKE_AS_CLIENT);
if (rc != 0)
{
printf("SSL_Handshake() failed with rc = %d and errno = %d.\n",
rc, errno);
close(sd);
return;
}
/* send a message to the server using the secure session */
strcpy(buff1,"Test of SSL_Write \n\n");
buf_len = strlen(buff1);
rc = SSL_Write(sslh, buff1, buf_len);
if (rc != buf_len)
{
if (rc &lt; 0)
{
printf("SSL_Write() failed with rc = %d and errno = %d.\n",rc,errno);
SSL_Destroy(sslh);
close(sd);
return;
}
else
{
printf("SSL_Write() did not write all data.\n");
SSL_Destroy(sslh);
close(sd);
return;
}
}
/* write the results to the screen */
printf("SSL_Write() wrote ...\n");
printf("%s\n",buff1);
memset((char *) buff2, 0x00, sizeof(buff2));
/* receive the message from the server using the secure session */
rc = SSL_Read(sslh, buff2, buf_len);
if (rc &lt; 0)
{
printf("SSL_Read() failed with rc = %d.\n",rc);
SSL_Destroy(sslh);
close(sd);
return;
}
/* write the results to the screen */
printf("SSL_Read() read ...\n");
printf("%s\n",buff2);
/* disable SSL support for the socket */
SSL_Destroy(sslh);
/* close the connection by closing the local socket */
close(sd);
return;
}</pre>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="x1ssl.htm" title="You can create secure server and clients using either the Global Secure ToolKit (GSKit) APIs or the Secure Sockets Layer (SSL_) APIs.">Examples: Establish secure connections</a></div>
</div>
<div class="relconcepts"><strong>Related concepts</strong><br />
<div><a href="cssl2.htm" title="The SSL_ APIs allow programmers to create secure socket applications on iSeries.">SSL_ APIs</a></div>
</div>
<div class="relref"><strong>Related reference</strong><br />
<div><a href="x1sslserver.htm" title="In addition to creating secure applications using the GSKit APIs, you can also use the SSL_ APIs. SSL_ APIs only exist in the i5/OS operating system.">Example: Establish a secure server with SSL_ APIs</a></div>
</div>
</div>
</body>
</html>